summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <kalnischkies@gmail.com>2010-06-08 19:27:49 +0200
committerDavid Kalnischkies <kalnischkies@gmail.com>2010-06-08 19:27:49 +0200
commit1ddb859611d2e0f3d9ea12085001810f689e8c99 (patch)
tree87399568a61da4d8bdd3b08bdc168462925ee1c4
parent6dd8400ca787ef832d87121f304f98ad152dc3a6 (diff)
* apt-pkg/indexrecords.cc:
- backport forgotten Valid-Until patch from the obsolete experimental branch to prevent replay attacks better, thanks to Thomas Viehmann for the initial patch! (Closes: #499897)
-rw-r--r--apt-pkg/acquire-item.cc12
-rw-r--r--apt-pkg/indexrecords.cc38
-rw-r--r--apt-pkg/indexrecords.h4
-rw-r--r--debian/changelog4
-rwxr-xr-xtest/pre-upload-check.py14
-rw-r--r--test/testsources.list/sources.list.all-validuntil-broken1
6 files changed, 70 insertions, 3 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index c035b9163..4a846804e 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -33,6 +33,7 @@
#include <string>
#include <sstream>
#include <stdio.h>
+#include <ctime>
/*}}}*/
using namespace std;
@@ -1177,6 +1178,15 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message) /*{{{*/
Transformed = "";
}
+ if (_config->FindB("Acquire::Check-Valid-Until", true)) {
+ if (MetaIndexParser->GetValidUntil() > 0 &&
+ time(NULL) > MetaIndexParser->GetValidUntil()) {
+ return _error->Error(_("Release file expired, ignoring %s (valid until %s)"),
+ RealURI.c_str(),
+ TimeRFC1123(MetaIndexParser->GetValidUntil()).c_str());
+ }
+ }
+
if (_config->FindB("Debug::pkgAcquire::Auth", false))
{
std::cerr << "Got Codename: " << MetaIndexParser->GetDist() << std::endl;
@@ -1194,7 +1204,7 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message) /*{{{*/
// return false;
if (!Transformed.empty())
{
- _error->Warning("Conflicting distribution: %s (expected %s but got %s)",
+ _error->Warning(_("Conflicting distribution: %s (expected %s but got %s)"),
Desc.Description.c_str(),
Transformed.c_str(),
MetaIndexParser->GetDist().c_str());
diff --git a/apt-pkg/indexrecords.cc b/apt-pkg/indexrecords.cc
index 1fc27b1a1..24ed02ba5 100644
--- a/apt-pkg/indexrecords.cc
+++ b/apt-pkg/indexrecords.cc
@@ -7,8 +7,11 @@
#include <apt-pkg/tagfile.h>
#include <apt-pkg/error.h>
#include <apt-pkg/strutl.h>
+#include <apt-pkg/configuration.h>
#include <apti18n.h>
#include <sys/stat.h>
+#include <clocale>
+
/*}}}*/
string indexRecords::GetDist() const
{
@@ -26,6 +29,11 @@ string indexRecords::GetExpectedDist() const
return this->ExpectedDist;
}
+time_t indexRecords::GetValidUntil() const
+{
+ return this->ValidUntil;
+}
+
const indexRecords::checkSum *indexRecords::Lookup(const string MetaKey)
{
return Entries[MetaKey];
@@ -82,7 +90,33 @@ bool indexRecords::Load(const string Filename) /*{{{*/
return false;
}
- string Strdate = Section.FindS("Date"); // FIXME: verify this somehow?
+ string Label = Section.FindS("Label");
+ string StrDate = Section.FindS("Date");
+ string StrValidUntil = Section.FindS("Valid-Until");
+
+ // if we have a Valid-Until header, use it
+ if (!StrValidUntil.empty())
+ {
+ // set ValidUntil based on the information in the Release file
+ if(!StrToTime(StrValidUntil, ValidUntil))
+ {
+ ErrorText = _(("Invalid 'Valid-Until' entry in Release file " + Filename).c_str());
+ return false;
+ }
+ } else {
+ // if we don't have a valid-until string, check if we have a default
+ if (!Label.empty())
+ {
+ int MaxAge = _config->FindI(string("apt::acquire::max-default-age::"+Label).c_str(),0);
+ if(MaxAge > 0 && !StrToTime(StrDate, ValidUntil))
+ {
+ ErrorText = _(("Invalid 'Date' entry in Release file " + Filename).c_str());
+ return false;
+ }
+ ValidUntil += 24*60*60*MaxAge;
+ }
+ }
+
return true;
}
/*}}}*/
@@ -160,6 +194,6 @@ indexRecords::indexRecords()
}
indexRecords::indexRecords(const string ExpectedDist) :
- ExpectedDist(ExpectedDist)
+ ExpectedDist(ExpectedDist), ValidUntil(0)
{
}
diff --git a/apt-pkg/indexrecords.h b/apt-pkg/indexrecords.h
index 468d2bd0f..500cf23c4 100644
--- a/apt-pkg/indexrecords.h
+++ b/apt-pkg/indexrecords.h
@@ -12,6 +12,7 @@
#include <map>
#include <vector>
+#include <ctime>
class indexRecords
{
@@ -25,6 +26,8 @@ class indexRecords
string Dist;
string Suite;
string ExpectedDist;
+ time_t ValidUntil;
+
std::map<string,checkSum *> Entries;
public:
@@ -38,6 +41,7 @@ class indexRecords
virtual bool Load(string Filename);
string GetDist() const;
+ time_t GetValidUntil() const;
virtual bool CheckDist(const string MaybeDist) const;
string GetExpectedDist() const;
virtual ~indexRecords(){};
diff --git a/debian/changelog b/debian/changelog
index 3771ca415..d8fb57757 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,10 @@
apt (0.7.26~exp5) experimental; urgency=low
[ David Kalnischkies ]
+ * apt-pkg/indexrecords.cc:
+ - backport forgotten Valid-Until patch from the obsolete experimental
+ branch to prevent replay attacks better, thanks to Thomas Viehmann
+ for the initial patch! (Closes: #499897)
* cmdline/apt-get.cc:
- rerun dpkg-source in source if --fix-broken is given (Closes: #576752)
- don't suggest held packages as they are installed (Closes: #578135)
diff --git a/test/pre-upload-check.py b/test/pre-upload-check.py
index 268b3d672..e2dfecbd3 100755
--- a/test/pre-upload-check.py
+++ b/test/pre-upload-check.py
@@ -95,6 +95,20 @@ class testAuthentication(unittest.TestCase):
self.assert_(len(glob.glob("/var/lib/apt/lists/partial/*")) == 0,
"partial/ dir has leftover files: %s" % glob.glob("/var/lib/apt/lists/partial/*"))
+ def testValid(self):
+ for f in glob.glob("testsources.list/sources.list*validuntil*"):
+ self._cleanup()
+ (prefix, testtype, result) = f.split("-")
+ expected_res = self._expectedRes(result)
+ cmd = ["update"]
+ res = call([self.apt,"-o","Dir::Etc::sourcelist=./%s" % f]+cmd+apt_args,
+ stdout=stdout, stderr=stderr)
+ self.assert_(res == expected_res,
+ "test '%s' failed (got %s expected %s" % (f,res,expected_res))
+ if expected_res == 0:
+ self.assert_(len(glob.glob("/var/lib/apt/lists/partial/*")) == 0,
+ "partial/ dir has leftover files: %s" % glob.glob("/var/lib/apt/lists/partial/*"))
+
class testLocalRepositories(unittest.TestCase):
" test local repository regressions "
diff --git a/test/testsources.list/sources.list.all-validuntil-broken b/test/testsources.list/sources.list.all-validuntil-broken
new file mode 100644
index 000000000..bab59bb81
--- /dev/null
+++ b/test/testsources.list/sources.list.all-validuntil-broken
@@ -0,0 +1 @@
+deb http://people.ubuntu.com/~mvo/apt/auth-test-suit/all-validuntil-broken/ /